Code42 Software integrates its IRM solutions to accelerate response to risky employee behaviors

Code42 Software has launched a new integration between its two IRM solutions – Instructor and Incydr – to accelerate and scale in-the-moment response to risky employee behaviors.

The new capability allows security, compliance and education teams to send corrective lessons triggered by employee actions that create risk for the business.

For example, when the Code42 Incydr product flags file movement to an untrusted location, like an unauthorized cloud application, a Code42 Instructor micro-learning solution video specifically explaining the correct activity is sent to educate the employee in real-time.

By using Instructor in tandem with Incydr to send responsive lessons, security professionals are able to educate users on security mistakes immediately when they occur.

Templated communications and the ability to send within Incydr allows analysts to scale and save time when it comes to low and moderate alerts, which are often accidental, and for which education is the appropriate response.

With this approach, security teams can spend more time on higher severity events that present an increased risk to the business while still providing a hands-on, human experience for their colleagues.

“Just because the vast majority of Insider Risk events are accidental, doesn’t mean they won’t impact the business or don’t require correction. The trick is how to respond quickly and contextually, without overburdening your security team. This is the exact reason we created Instructor risk reduction trainings and have embedded them as a key response control implemented by Incydr,” said Dave Capuano, senior vice president of product management at Code42.

“We know employee education is a critical, and often overlooked, element to holistic Insider Risk Management programs. Delivering Instructor lessons through Incydr reduces risk in two complementary ways: (1) the majority of employees will immediately correct whatever action they took to trigger the video; and (2) because you’ve given information contextually, they’re more likely to understand why their action was risky, preventing future risky behavior and reducing data risk events over time,” concluded Capuano.

Together, Incydr and Instructor enable security teams to manage the dynamic nature of Insider Risk – which includes prioritizing and responding appropriately to the risks that matter the most.

While Incydr surfaces the top indicators of Insider Risk and gathers detailed security intelligence about file movements to both trusted and untrusted locations, Instructor provides a customized, one-click response to the majority of Insider Risk events.

According to a 2021 survey by Code42 and CyberSecurity Insiders, 71% of security leaders reported that they are most concerned about an inadvertent [negligent or accidental] data leak.

And they’re right to be worried: risk from insiders is pervasive and can account for the loss of up to 20% of annual revenue. At a time when employees average 13 data exposure events per user per day, security teams require scalable solutions that focus on contextual education.

Additional details about the offering:

• Built into Incydr: Send relevant Instructor lessons directly from user profiles and alerts.
• Referenceable lesson activity: Keep track of who received what Instructor lessons so you have a record of activity to inform your future training strategy.
• Email delivery: Send Instructor lessons directly to users via email, making it easy for them to quickly watch and learn.
• Communication templates: Leverage pre-built email templates to communicate lesson assignments to users, or customize them to your business.

Learn more about Code42’s Insider Risk Management offering

Instructor: Not a one size fits all approach

Instructor improves Insider Risk awareness by focusing on the creation of holistic, security-oriented cultures. The solution delivers actionable, hyper-targeted and bite-sized lessons to end-users when they’re needed most, helping to change security behavior for the long term.

The Instructor solution helps organizations rapidly mature their Insider Risk Management programs by incorporating data-driven Insider Risk behavioral guidance for end-users.

Instructor provides three types of lessons:

• Proactive lessons
• Situational lessons
• Responsive lessons

Incydr: Data security product for exfiltration

Incydr is an Insider Risk Management solution that provides the visibility, context and controls needed to stop data leak and IP theft.

Organizations utilize Incydr to detect and respond to data exposure and exfiltration from corporate computer, cloud and email systems.

It deploys in hours so security teams can address material risk to the business in a matter of days and drive the secure work habits needed to decrease how often employees put data at risk in the future.

The importance of right-sized response for Insider Risk Management

The Code42 right-sized Response methodology – a philosophy built on the principle that every organization has a different risk tolerance – helps security teams to detect and respond quickly and effectively when employees put corporate data at risk.

By aligning security teams’ responses to risky employee behavior with organizational risk tolerance, Code42 helps to reduce alert fatigue and improve the scalability of automated responses.